Date:      Tue, 24 Feb 2004 14:36:59 -0800
From:      David Schultz <das@FreeBSD.ORG>
To:        Colin Percival <colin.percival@wadham.ox.ac.uk>
Cc:        freebsd-current@FreeBSD.ORG
Subject:   Re: What to do about nologin(8)?
Message-ID:  <20040224223659.GB69570@VARK.homeunix.com>
In-Reply-To: <6.0.1.1.1.20040223171828.03de8b30@imap.sfu.ca>
References:  <6.0.1.1.1.20040223171828.03de8b30@imap.sfu.ca>

On Mon, Feb 23, 2004, Colin Percival wrote:
>   I can see a number of possible options; I'd like to hear
> opinions on which would be the best.

This is the third time this issue has been discussed, so before
the same arguments are rehashed, I'd like to lay out a simple plan
that I think people are unlikely to object to.  (If anyone *does*
object, please say so.)

(1) Fix login(1) so that it disables the -p option when the target
    user's shell is not in /etc/shells (unless the invoking user
    is root), and

(2) Make nologin(8) setgid nobody, so rtld ignores LD_LIBRARY_PATH.

After that, people are welcome to debate whether to make nologin
dynamically linked again (which should be safe), whether to move
it to /usr/sbin (which sounds reasonable, but won't matter as much
anymore), and whatnot.  I just don't want to (once again) get into
a big debate that ends up getting derailed so that nobody gets
anything done.


P.S. Both of these ideas are due to Tim Kientzle.
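As an added illustration of step (1) of the plan above (this is example code written for this archive page, not FreeBSD's login(1) source), the decision logic looks roughly like this: the -p (preserve environment) request is honoured only when the invoking user is root or the target account's shell is listed in /etc/shells. The shells database is a constructed string here rather than a file read via getusershell(3), so the example runs offline; the uid and shell values passed in are likewise assumed sample inputs.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Constructed stand-in for the contents of /etc/shells (not read from disk). */
static const char *const SAMPLE_SHELLS =
    "# /etc/shells: list of acceptable login shells\n"
    "/bin/sh\n"
    "/bin/csh\n"
    "/bin/tcsh\n";

/* Return true if `shell` appears as a whole, non-comment line in the
 * shells database text. Exact line match is required, so "/bin/s" does
 * not match "/bin/sh". */
bool shell_is_listed(const char *shells_text, const char *shell)
{
    const char *p = shells_text;
    size_t want = strlen(shell);

    while (*p != '\0') {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);

        if (len > 0 && p[0] != '#' && len == want &&
            strncmp(p, shell, len) == 0)
            return true;
        if (eol == NULL)
            break;
        p = eol + 1;
    }
    return false;
}

/* Decide whether login's -p flag may be honoured for this login attempt.
 * Root may always preserve the environment; any other invoking user may
 * do so only if the target account's shell is an approved login shell. */
bool may_preserve_env(bool p_flag, uid_t invoking_uid,
                      const char *shells_text, const char *target_shell)
{
    if (!p_flag)
        return false;
    if (invoking_uid == 0)
        return true;
    return shell_is_listed(shells_text, target_shell);
}

int main(void)
{
    /* Sample (constructed) scenario: an unprivileged user requests -p
     * for an account whose shell is a nologin-style program. */
    uid_t invoking_uid = 1001;
    const char *target_shell = "/sbin/nologin";

    bool keep = may_preserve_env(true, invoking_uid, SAMPLE_SHELLS, target_shell);
    printf("target shell %s: environment %s\n", target_shell,
           keep ? "preserved" : "discarded");
    return 0;
}
```

The point of the exact-line match is that an allow-list check on shells is only as strong as its parsing: a prefix or substring comparison would let an unlisted shell pass, which is exactly the case the -p restriction is meant to close.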


